You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When implementing the Terragrunt Provider Cache server, to speed up terraform init, it was decided to use TF_PLUGIN_CACHE_MAY_BREAK_DEPENDENCY_LOCK_FILE, which allows you to create a lock file super quickly, but this has its drawback, it completely trusts the files from the cache and does not check their cache and signature.
To Reproduce terragrunt run-all apply --terragrunt-provider-cache
Expected behavior
Every time Terraform requests a provider, Terragrunt Provider Cache should download the hash and signature from the remote registry to check and ensure that the cached provider is not corrupted.
Describe the bug
When implementing the Terragrunt Provider Cache server, to speed up
terraform init
, it was decided to use TF_PLUGIN_CACHE_MAY_BREAK_DEPENDENCY_LOCK_FILE, which allows you to create a lock file super quickly, but this has its drawback, it completely trusts the files from the cache and does not check their cache and signature.The discussion started from #3001
To Reproduce
terragrunt run-all apply --terragrunt-provider-cache
Expected behavior
Every time Terraform requests a provider, Terragrunt Provider Cache should download the hash and signature from the remote registry to check and ensure that the cached provider is not corrupted.
Versions
The text was updated successfully, but these errors were encountered: